Search Results (8339 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-1371 1 Ibm 1 Websphere Ilog Rule Team Server 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171.
CVE-2011-1370 1 Ibm 1 Lotus Sametime 2025-04-11 N/A
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.
CVE-2010-3318 1 Ibm 1 Filenet Content Manager 2025-04-11 N/A
IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2013-2974 1 Ibm 1 Tivoli Application Dependency Discovery Manager 2025-04-11 N/A
The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL.
CVE-2010-3317 1 Ibm 1 Filenet Content Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3320 1 Ibm 1 Filenet Content Manager 2025-04-11 N/A
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2011-1372 1 Ibm 4 Ts3100 Tape Library, Ts3100 Tape Library Firmware, Ts3200 Tape Library and 1 more 2025-04-11 N/A
The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors.
CVE-2011-1378 2 Hp, Ibm 2 Openvms, Websphere Mq 2025-04-11 N/A
IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command.
CVE-2011-4160 4 Hp, Ibm, Linux and 1 more 6 Hp-ux, Operations Agent, Performance Agent and 3 more 2025-04-11 N/A
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.
CVE-2012-0198 1 Ibm 1 Tivoli Provisioning Manager Express For Software Distribution 2025-04-11 N/A
Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.
CVE-2012-0199 1 Ibm 1 Tivoli Provisioning Manager Express For Software Distribution 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allow remote attackers to execute arbitrary SQL commands via (1) a SOAP message to the Printer.getPrinterAgentKey function in the SoapServlet servlet, (2) the User.updateUserValue function in the register.do servlet, (3) the User.isExistingUser function in the logon.do servlet, (4) the Asset.getHWKey function in the CallHomeExec servlet, (5) the Asset.getMimeType function in the getAttachment (aka GetAttachmentServlet) servlet, (6) the addAsset.do servlet, or (7) a crafted EG2 file.
CVE-2010-3398 1 Ibm 1 Lotus Sametime 2025-04-11 N/A
Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W.
CVE-2013-4070 1 Ibm 1 Spss Collaboration And Deployment Services 2025-04-11 N/A
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors.
CVE-2013-4804 1 Ibm 1 Business Process Monitor 2025-04-11 N/A
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors.
CVE-2013-5372 2 Ibm, Redhat 3 Websphere Message Broker, Network Satellite, Rhel Extras 2025-04-11 N/A
The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.
CVE-2013-5373 1 Ibm 1 Rational Clearcase 2025-04-11 N/A
The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.
CVE-2013-5375 2 Ibm, Redhat 3 Java, Network Satellite, Rhel Extras 2025-04-11 N/A
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
CVE-2013-5376 1 Ibm 2 Storwize V7000 Unified, Storwize V7000 Unified Software 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" attack against an administrative user.
CVE-2013-5378 1 Ibm 1 Websphere Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging incorrect IBM Connections integration.
CVE-2013-5379 1 Ibm 1 Websphere Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.